David Mehler <dave.mehler@gmail.com> writes:

I'm wanting letsencrypt to take over as my CA, replacing existing self signed certificates. I've got web working, a certificate for https sites and one for webmail as they have different names. What I'm now wanting to do is get letsencrypt going for my email setup, the smtp handled by postfix, but mail, and imap I believe are handled by dovecot.

SMTP is handled by postfix, imap/pop is handled by dovecot.

With the web it was easy just let apache serve the token that letsencrypt needed and I got certificates. How do I do this with regards email?

You can do the DNS challenge method if your server has the ability to update DNS entries, or you can use certbot clients in standalone-mode that will act as a simple web server just long enough to serve out the token to complete the authentication.

Joseph Tam <jtam.home@gmail.com>